cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

xMII personalization security problem

Go to solution
Former Member

on ‎04-03-2007 6:03 PM

0 Kudos

Hi, in my application, i need to create an user with login page.

I create a role called DemoUser, and create a HomePageDemoUser.xsl HeaderDemoUser.xml for this role.

I create a user called 'vow' and assign the role DemoUser to it.

I used the following url for user login.

http://localhost/LHSecurity/login?service=http%3A%2F%2Flocalhost%2FLighthammer%2FIlluminator%3Fservi...

After login page, the url is

http://localhost/Lighthammer/Illuminator?service=Personalization&ticket=ST-2-D0MaKMr0yh47ZmNRxt3g&sn...

At the prompt I entered vow and its password. However, when login, the layout doesn't follow the instructions in HomePageDemoUser.xsl and HeaderDemoUser.xml.

Instead, the system always considers the created user as a "Local Administrator".

The contents for Administrator as well as Everyone are accessible for user 'vow', which is not right. 'vow' is supposed to view contents for Everyone and DemoUser only.

Does anyone know what's wrong with my configuration?

Thank you very much.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎04-03-2007 6:24 PM
0 Kudos

Hi Yue,

What happens if you don't use "localhost", but the actual server name?

http://localhost will always take to the non-personalized home page (like Local Administrator)

Show replies
Show replies

Answers (2)

Answers (2)

Former Member
‎04-03-2007 7:24 PM
0 Kudos

Hi Ryan. the above two problems are solved after changing localhost to the actual server name.

Show replies
Show replies
Former Member
‎04-03-2007 6:41 PM
0 Kudos

Hi Ryan,

I will try the real server name later.

But another serious problem is that the list on the left side is not expandable. I can only see the list header, not the items underneath it. However, by viewing the html source, i can see that the list items are there, but no javascript function is embedded in the html source code to handle the onClick --> expand/collapse issue.

Do you know what's wrong with it?

Thank you again.

Show replies
Show replies
Ask a Question